@dreamboard-games/cli 0.1.30-alpha.17 → 0.1.30-alpha.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (74) hide show
  1. package/README.md +3 -1
  2. package/dist/agent-verifier/agent-workspace-verifier.mjs +12 -12
  3. package/dist/agent-verifier/{chunk-LKQ557TJ.mjs → chunk-334H4LE4.mjs} +3 -3
  4. package/dist/agent-verifier/{chunk-DWLTCUUX.mjs → chunk-3Y4FRMTK.mjs} +6 -6
  5. package/dist/agent-verifier/{chunk-NFL3Z4Z7.mjs → chunk-5D3OJBDT.mjs} +12 -8
  6. package/dist/agent-verifier/{chunk-NFL3Z4Z7.mjs.map → chunk-5D3OJBDT.mjs.map} +1 -1
  7. package/dist/agent-verifier/{chunk-AXXUGU7Q.mjs → chunk-6AKXIY37.mjs} +54 -36
  8. package/dist/agent-verifier/chunk-6AKXIY37.mjs.map +1 -0
  9. package/dist/agent-verifier/{chunk-H3XNWKJU.mjs → chunk-7LFDFXLS.mjs} +2 -2
  10. package/dist/agent-verifier/{chunk-CO3BRUD6.mjs → chunk-AWZ4M4NS.mjs} +15 -3
  11. package/dist/agent-verifier/chunk-AWZ4M4NS.mjs.map +1 -0
  12. package/dist/agent-verifier/{chunk-S4ZQSUPB.mjs → chunk-H5L4KK4Y.mjs} +9 -12
  13. package/dist/agent-verifier/chunk-H5L4KK4Y.mjs.map +1 -0
  14. package/dist/agent-verifier/{chunk-V6AQDR7W.mjs → chunk-HUBV22JQ.mjs} +3 -3
  15. package/dist/agent-verifier/chunk-HUBV22JQ.mjs.map +1 -0
  16. package/dist/agent-verifier/{chunk-A67WUYN2.mjs → chunk-LEWM26XR.mjs} +4 -4
  17. package/dist/agent-verifier/chunk-LEWM26XR.mjs.map +1 -0
  18. package/dist/agent-verifier/{chunk-WAFBU5U7.mjs → chunk-OJFZVGEL.mjs} +38 -13
  19. package/dist/agent-verifier/chunk-OJFZVGEL.mjs.map +1 -0
  20. package/dist/agent-verifier/{chunk-G2ECODRB.mjs → chunk-PLXXH5LY.mjs} +2 -2
  21. package/dist/agent-verifier/{chunk-DPYC2NDB.mjs → chunk-UMW24KZI.mjs} +2 -2
  22. package/dist/agent-verifier/{chunk-5GCZZ6NW.mjs → chunk-ZOR5FTIG.mjs} +2 -2
  23. package/dist/agent-verifier/{compile-SDQ25N7K.mjs → compile-MO2URO5Z.mjs} +12 -12
  24. package/dist/agent-verifier/{global-config-6UGFPLDA.mjs → global-config-SXR6X3OZ.mjs} +3 -3
  25. package/dist/agent-verifier/{keychain-backend-BQLW5VEC.mjs → keychain-backend-UF3Z26JM.mjs} +1 -1
  26. package/dist/agent-verifier/keychain-backend-UF3Z26JM.mjs.map +1 -0
  27. package/dist/agent-verifier/{local-files-WPHUV6GU.mjs → local-files-DAFIR7SN.mjs} +4 -4
  28. package/dist/agent-verifier/{materialize-workspace-ENPMB66P.mjs → materialize-workspace-PWNT6HQK.mjs} +6 -6
  29. package/dist/agent-verifier/{reducer-native-test-harness-GY2CCQWN.mjs → reducer-native-test-harness-X2KQYSCD.mjs} +8 -8
  30. package/dist/agent-verifier/{static-scaffold-K52P52SV.mjs → static-scaffold-HXUQLJVN.mjs} +4 -4
  31. package/dist/agent-verifier/{sync-JSATJXVJ.mjs → sync-5YM4CSXL.mjs} +13 -13
  32. package/dist/agent-verifier/{test-LQAGEQLY.mjs → test-CNNVTFIG.mjs} +11 -11
  33. package/dist/agent-verifier/{workspace-codegen-4IWICKLB.mjs → workspace-codegen-SPPVHURX.mjs} +3 -3
  34. package/dist/authoring-compatibility-internal.js +1 -1
  35. package/dist/{chunk-ITT6Y7MM.js → chunk-R6RB4EKH.js} +23 -9
  36. package/dist/chunk-R6RB4EKH.js.map +1 -0
  37. package/dist/{chunk-AVOAT522.js → chunk-VWMKJL4A.js} +49 -38
  38. package/dist/chunk-VWMKJL4A.js.map +1 -0
  39. package/dist/{chunk-LWJUF42S.js → chunk-YRSE5DLH.js} +45 -23
  40. package/dist/{chunk-LWJUF42S.js.map → chunk-YRSE5DLH.js.map} +1 -1
  41. package/dist/{global-config-NLGAFSRU.js → global-config-UHGWFJIK.js} +2 -2
  42. package/dist/index.js +403 -12
  43. package/dist/index.js.map +1 -1
  44. package/dist/internal.js +3 -3
  45. package/dist/{keychain-backend-47LZ5IX5.js → keychain-backend-GO34KGTG.js} +1 -1
  46. package/dist/keychain-backend-GO34KGTG.js.map +1 -0
  47. package/package.json +1 -1
  48. package/release/authoring-release-set.json +4 -4
  49. package/dist/agent-verifier/chunk-A67WUYN2.mjs.map +0 -1
  50. package/dist/agent-verifier/chunk-AXXUGU7Q.mjs.map +0 -1
  51. package/dist/agent-verifier/chunk-CO3BRUD6.mjs.map +0 -1
  52. package/dist/agent-verifier/chunk-S4ZQSUPB.mjs.map +0 -1
  53. package/dist/agent-verifier/chunk-V6AQDR7W.mjs.map +0 -1
  54. package/dist/agent-verifier/chunk-WAFBU5U7.mjs.map +0 -1
  55. package/dist/agent-verifier/keychain-backend-BQLW5VEC.mjs.map +0 -1
  56. package/dist/chunk-AVOAT522.js.map +0 -1
  57. package/dist/chunk-ITT6Y7MM.js.map +0 -1
  58. package/dist/keychain-backend-47LZ5IX5.js.map +0 -1
  59. /package/dist/agent-verifier/{chunk-LKQ557TJ.mjs.map → chunk-334H4LE4.mjs.map} +0 -0
  60. /package/dist/agent-verifier/{chunk-DWLTCUUX.mjs.map → chunk-3Y4FRMTK.mjs.map} +0 -0
  61. /package/dist/agent-verifier/{chunk-H3XNWKJU.mjs.map → chunk-7LFDFXLS.mjs.map} +0 -0
  62. /package/dist/agent-verifier/{chunk-G2ECODRB.mjs.map → chunk-PLXXH5LY.mjs.map} +0 -0
  63. /package/dist/agent-verifier/{chunk-DPYC2NDB.mjs.map → chunk-UMW24KZI.mjs.map} +0 -0
  64. /package/dist/agent-verifier/{chunk-5GCZZ6NW.mjs.map → chunk-ZOR5FTIG.mjs.map} +0 -0
  65. /package/dist/agent-verifier/{compile-SDQ25N7K.mjs.map → compile-MO2URO5Z.mjs.map} +0 -0
  66. /package/dist/agent-verifier/{global-config-6UGFPLDA.mjs.map → global-config-SXR6X3OZ.mjs.map} +0 -0
  67. /package/dist/agent-verifier/{local-files-WPHUV6GU.mjs.map → local-files-DAFIR7SN.mjs.map} +0 -0
  68. /package/dist/agent-verifier/{materialize-workspace-ENPMB66P.mjs.map → materialize-workspace-PWNT6HQK.mjs.map} +0 -0
  69. /package/dist/agent-verifier/{reducer-native-test-harness-GY2CCQWN.mjs.map → reducer-native-test-harness-X2KQYSCD.mjs.map} +0 -0
  70. /package/dist/agent-verifier/{static-scaffold-K52P52SV.mjs.map → static-scaffold-HXUQLJVN.mjs.map} +0 -0
  71. /package/dist/agent-verifier/{sync-JSATJXVJ.mjs.map → sync-5YM4CSXL.mjs.map} +0 -0
  72. /package/dist/agent-verifier/{test-LQAGEQLY.mjs.map → test-CNNVTFIG.mjs.map} +0 -0
  73. /package/dist/agent-verifier/{workspace-codegen-4IWICKLB.mjs.map → workspace-codegen-SPPVHURX.mjs.map} +0 -0
  74. /package/dist/{global-config-NLGAFSRU.js.map → global-config-UHGWFJIK.js.map} +0 -0
package/dist/keychain-backend-47LZ5IX5.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/config/keychain-backend.ts"],"sourcesContent":["/**\n * OS keychain-backed `CredentialBackend` built on top of `@napi-rs/keyring`.\n *\n * Keychain is the required storage backend for published builds. Development\n * builds can still opt in with `credentialBackend: \"keychain\"` in\n * `~/.dreamboard/config.json` (see `credential-store.ts` for the resolver).\n * When enabled, it gives us:\n * - A refresh token encrypted at rest by the OS (Keychain on macOS,\n * Credential Vault on Windows, Secret Service on Linux).\n * - Protection against other processes running as the same user tailing\n * `~/.dreamboard/auth.json` to scrape the token.\n *\n * This module is loaded optionally: `@napi-rs/keyring` is declared as an\n * `optionalDependencies` entry. Published builds fail closed when the native\n * binary or OS keyring is unavailable; development builds may still use the\n * file backend.\n *\n * One-time migration: when the active backend is keychain and `auth.json` still\n * has tokens, `credential-store.ts` copies them into the keychain, verifies the\n * keychain read, and deletes the file. This is the only path that intentionally\n * mutates both backends.\n */\n\nimport type {\n CredentialBackend,\n Credentials,\n StoredSessionSnapshot,\n} from \"./credential-store.js\";\n\n/** Keychain service id. Shared across all Dreamboard CLI builds. */\nconst KEYCHAIN_SERVICE = \"dreamboard-cli\";\n/**\n * Keychain account id. The `user@host` shape is conventional but we keep\n * it fixed for now because the CLI only cares about \"the session for this\n * OS user\", not per-process sessions.\n */\nconst KEYCHAIN_ACCOUNT = \"session\";\n\ntype EntryInstance = {\n setPassword(value: string): void;\n getPassword(): string | null | undefined;\n deletePassword(): boolean;\n};\n\ntype KeyringModule = {\n Entry: new (service: string, account: string) => EntryInstance;\n};\n\nlet cachedModule: KeyringModule | null | undefined;\n\nasync function loadKeyringModule(): Promise<KeyringModule | null> {\n if (cachedModule !== undefined) return cachedModule;\n try {\n // `@napi-rs/keyring` is an optional dependency. If the native binary is\n // missing on this platform the dynamic import throws; resolver policy in\n // credential-store decides whether that is fatal.\n const mod = (await import(\"@napi-rs/keyring\")) as unknown as KeyringModule;\n cachedModule = mod;\n } catch {\n cachedModule = null;\n }\n return cachedModule;\n}\n\nfunction keychainProbe(entry: EntryInstance): boolean {\n // Some platforms have the module installed but no accessible keyring\n // (e.g. headless Linux without DBus). Touch getPassword to verify we\n // can talk to the service without side effects.\n try {\n entry.getPassword();\n return true;\n } catch {\n return false;\n }\n}\n\ntype KeychainPayload = {\n clerkAccessToken?: string;\n accessToken?: string;\n refreshToken?: string;\n clerkAccessExpiresAt?: string;\n tokenExpiresAt?: string;\n dreamboardApiToken?: string;\n dreamboardApiExpiresAt?: string;\n clerkOAuthIssuer?: string;\n clerkOAuthClientId?: string;\n clerkOAuthTokenUrl?: string;\n environment?: string;\n};\n\nfunction parsePayload(\n raw: string | null | undefined,\n): StoredSessionSnapshot | null {\n if (raw === null || raw === undefined) return null;\n const trimmed = raw.trim();\n if (trimmed.length === 0) return null;\n try {\n const parsed = JSON.parse(trimmed) as KeychainPayload;\n const accessToken = parsed.clerkAccessToken ?? parsed.accessToken;\n if (!accessToken && !parsed.refreshToken) return null;\n return {\n accessToken: accessToken || undefined,\n refreshToken: parsed.refreshToken || undefined,\n tokenExpiresAt:\n parsed.clerkAccessExpiresAt || parsed.tokenExpiresAt || undefined,\n dreamboardApiToken: parsed.dreamboardApiToken || undefined,\n dreamboardApiExpiresAt: parsed.dreamboardApiExpiresAt || undefined,\n clerkOAuthIssuer: parsed.clerkOAuthIssuer || undefined,\n clerkOAuthClientId: parsed.clerkOAuthClientId || undefined,\n clerkOAuthTokenUrl: parsed.clerkOAuthTokenUrl || undefined,\n environment: parsed.environment || undefined,\n };\n } catch {\n return null;\n }\n}\n\nfunction writeFull(entry: EntryInstance, creds: Credentials): void {\n if (!creds.accessToken || !creds.refreshToken) {\n throw new Error(\n \"Refusing to persist credentials with an empty accessToken or refreshToken.\",\n );\n }\n const payload: KeychainPayload = {\n clerkAccessToken: creds.accessToken,\n refreshToken: creds.refreshToken,\n clerkAccessExpiresAt: creds.tokenExpiresAt,\n dreamboardApiToken: creds.dreamboardApiToken,\n dreamboardApiExpiresAt: creds.dreamboardApiExpiresAt,\n clerkOAuthIssuer: creds.clerkOAuthIssuer,\n clerkOAuthClientId: creds.clerkOAuthClientId,\n clerkOAuthTokenUrl: creds.clerkOAuthTokenUrl,\n environment: creds.environment,\n };\n entry.setPassword(JSON.stringify(payload));\n}\n\nfunction writeAccessOnly(entry: EntryInstance, accessToken: string): void {\n if (!accessToken) {\n throw new Error(\"Refusing to persist an empty access token.\");\n }\n const payload: KeychainPayload = { accessToken };\n entry.setPassword(JSON.stringify(payload));\n}\n\nfunction clear(entry: EntryInstance): void {\n try {\n entry.deletePassword();\n } catch {\n // keyring-rs throws when the entry does not exist. That is fine -\n // `clearCredentials` contracts as idempotent.\n }\n}\n\nexport type KeychainAvailability =\n | { available: true; backend: CredentialBackend }\n | { available: false; reason: string };\n\n/**\n * Attempt to construct a keychain-backed `CredentialBackend`. Returns an\n * `available: false` result (with a reason) if the native module, the\n * OS keyring, or the probe fails.\n */\nexport async function tryKeychainBackend(): Promise<KeychainAvailability> {\n const mod = await loadKeyringModule();\n if (!mod) {\n return {\n available: false,\n reason: \"@napi-rs/keyring is not installed for this platform\",\n };\n }\n\n let entry: EntryInstance;\n try {\n entry = new mod.Entry(KEYCHAIN_SERVICE, KEYCHAIN_ACCOUNT);\n } catch (err) {\n return {\n available: false,\n reason: `Failed to construct keyring entry: ${String((err as Error).message ?? err)}`,\n };\n }\n\n if (!keychainProbe(entry)) {\n return {\n available: false,\n reason: \"OS keyring is not accessible from this process\",\n };\n }\n\n const backend: CredentialBackend = {\n name: \"keychain\",\n async read() {\n try {\n return parsePayload(entry.getPassword());\n } catch (err) {\n const message = String((err as Error).message ?? err);\n // Transient keychain access errors (e.g. Touch ID prompt\n // cancelled) should not surface as \"session wiped\". Treat the\n // unreadable state as \"no session\" so the caller can fall back\n // to prompting for login.\n if (/no matching entry|not found/i.test(message)) {\n return null;\n }\n throw err;\n }\n },\n async writeFull(creds) {\n writeFull(entry, creds);\n },\n async writeAccessOnly(accessToken) {\n writeAccessOnly(entry, accessToken);\n },\n async clear() {\n clear(entry);\n },\n };\n return { available: true, backend };\n}\n\n/**\n * Test-only escape hatch so unit tests can install a fake keyring module\n * without going through the dynamic import cache.\n */\nexport function _setKeyringModuleForTests(mod: KeyringModule | null): void {\n cachedModule = mod;\n}\n\nexport function _resetKeyringModuleForTests(): void {\n cachedModule = undefined;\n}\n"],"mappings":";;;;AA8BA,IAAM,mBAAmB;AAMzB,IAAM,mBAAmB;AAYzB,IAAI;AAEJ,eAAe,oBAAmD;AAChE,MAAI,iBAAiB,OAAW,QAAO;AACvC,MAAI;AAIF,UAAM,MAAO,MAAM,OAAO,kBAAkB;AAC5C,mBAAe;AAAA,EACjB,QAAQ;AACN,mBAAe;AAAA,EACjB;AACA,SAAO;AACT;AAEA,SAAS,cAAc,OAA+B;AAIpD,MAAI;AACF,UAAM,YAAY;AAClB,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAgBA,SAAS,aACP,KAC8B;AAC9B,MAAI,QAAQ,QAAQ,QAAQ,OAAW,QAAO;AAC9C,QAAM,UAAU,IAAI,KAAK;AACzB,MAAI,QAAQ,WAAW,EAAG,QAAO;AACjC,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,OAAO;AACjC,UAAM,cAAc,OAAO,oBAAoB,OAAO;AACtD,QAAI,CAAC,eAAe,CAAC,OAAO,aAAc,QAAO;AACjD,WAAO;AAAA,MACL,aAAa,eAAe;AAAA,MAC5B,cAAc,OAAO,gBAAgB;AAAA,MACrC,gBACE,OAAO,wBAAwB,OAAO,kBAAkB;AAAA,MAC1D,oBAAoB,OAAO,sBAAsB;AAAA,MACjD,wBAAwB,OAAO,0BAA0B;AAAA,MACzD,kBAAkB,OAAO,oBAAoB;AAAA,MAC7C,oBAAoB,OAAO,sBAAsB;AAAA,MACjD,oBAAoB,OAAO,sBAAsB;AAAA,MACjD,aAAa,OAAO,eAAe;AAAA,IACrC;AAAA,EACF,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,SAAS,UAAU,OAAsB,OAA0B;AACjE,MAAI,CAAC,MAAM,eAAe,CAAC,MAAM,cAAc;AAC7C,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,QAAM,UAA2B;AAAA,IAC/B,kBAAkB,MAAM;AAAA,IACxB,cAAc,MAAM;AAAA,IACpB,sBAAsB,MAAM;AAAA,IAC5B,oBAAoB,MAAM;AAAA,IAC1B,wBAAwB,MAAM;AAAA,IAC9B,kBAAkB,MAAM;AAAA,IACxB,oBAAoB,MAAM;AAAA,IAC1B,oBAAoB,MAAM;AAAA,IAC1B,aAAa,MAAM;AAAA,EACrB;AACA,QAAM,YAAY,KAAK,UAAU,OAAO,CAAC;AAC3C;AAEA,SAAS,gBAAgB,OAAsB,aAA2B;AACxE,MAAI,CAAC,aAAa;AAChB,UAAM,IAAI,MAAM,4CAA4C;AAAA,EAC9D;AACA,QAAM,UAA2B,EAAE,YAAY;AAC/C,QAAM,YAAY,KAAK,UAAU,OAAO,CAAC;AAC3C;AAEA,SAAS,MAAM,OAA4B;AACzC,MAAI;AACF,UAAM,eAAe;AAAA,EACvB,QAAQ;AAAA,EAGR;AACF;AAWA,eAAsB,qBAAoD;AACxE,QAAM,MAAM,MAAM,kBAAkB;AACpC,MAAI,CAAC,KAAK;AACR,WAAO;AAAA,MACL,WAAW;AAAA,MACX,QAAQ;AAAA,IACV;AAAA,EACF;AAEA,MAAI;AACJ,MAAI;AACF,YAAQ,IAAI,IAAI,MAAM,kBAAkB,gBAAgB;AAAA,EAC1D,SAAS,KAAK;AACZ,WAAO;AAAA,MACL,WAAW;AAAA,MACX,QAAQ,sCAAsC,OAAQ,IAAc,WAAW,GAAG,CAAC;AAAA,IACrF;AAAA,EACF;AAEA,MAAI,CAAC,cAAc,KAAK,GAAG;AACzB,WAAO;AAAA,MACL,WAAW;AAAA,MACX,QAAQ;AAAA,IACV;AAAA,EACF;AAEA,QAAM,UAA6B;AAAA,IACjC,MAAM;AAAA,IACN,MAAM,OAAO;AACX,UAAI;AACF,eAAO,aAAa,MAAM,YAAY,CAAC;AAAA,MACzC,SAAS,KAAK;AACZ,cAAM,UAAU,OAAQ,IAAc,WAAW,GAAG;AAKpD,YAAI,+BAA+B,KAAK,OAAO,GAAG;AAChD,iBAAO;AAAA,QACT;AACA,cAAM;AAAA,MACR;AAAA,IACF;AAAA,IACA,MAAM,UAAU,OAAO;AACrB,gBAAU,OAAO,KAAK;AAAA,IACxB;AAAA,IACA,MAAM,gBAAgB,aAAa;AACjC,sBAAgB,OAAO,WAAW;AAAA,IACpC;AAAA,IACA,MAAM,QAAQ;AACZ,YAAM,KAAK;AAAA,IACb;AAAA,EACF;AACA,SAAO,EAAE,WAAW,MAAM,QAAQ;AACpC;AAMO,SAAS,0BAA0B,KAAiC;AACzE,iBAAe;AACjB;AAEO,SAAS,8BAAoC;AAClD,iBAAe;AACjB;","names":[]}